diff --git a/frontends/php/disc_prototypes.php b/frontends/php/disc_prototypes.php
index 5b9866b4ae..a591310896 100644
--- a/frontends/php/disc_prototypes.php
+++ b/frontends/php/disc_prototypes.php
@@ -208,19 +208,25 @@ $fields = [
 										null
 									],
 	'http_authtype' =>				[T_ZBX_INT, O_OPT, null,
-										IN([HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM]),
+										IN([HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM,
+											HTTPTEST_AUTH_KERBEROS
+										]),
 										null
 									],
 	'http_username' =>				[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,
 										'(isset({add}) || isset({update})) && isset({http_authtype})'.
 											' && ({http_authtype} == '.HTTPTEST_AUTH_BASIC.
-												' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.')',
+												' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.
+												' || {http_authtype} == '.HTTPTEST_AUTH_KERBEROS.
+											')',
 										_('Username')
 									],
 	'http_password' =>				[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,
 										'(isset({add}) || isset({update})) && isset({http_authtype})'.
 											' && ({http_authtype} == '.HTTPTEST_AUTH_BASIC.
-												' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.')',
+												' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.
+												' || {http_authtype} == '.HTTPTEST_AUTH_KERBEROS.
+											')',
 										_('Password')
 									],
 	// actions
diff --git a/frontends/php/host_discovery.php b/frontends/php/host_discovery.php
index 8ff901f70c..b5919e829e 100644
--- a/frontends/php/host_discovery.php
+++ b/frontends/php/host_discovery.php
@@ -191,19 +191,23 @@ $fields = [
 									null
 								],
 	'http_authtype' =>			[T_ZBX_INT, O_OPT, null,
-									IN([HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM]),
+									IN([HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM,
+										HTTPTEST_AUTH_KERBEROS
+									]),
 									null
 								],
 	'http_username' =>			[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,
 									'(isset({add}) || isset({update})) && isset({http_authtype})'.
 										' && ({http_authtype} == '.HTTPTEST_AUTH_BASIC.
-											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.')',
+											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.
+											' || {http_authtype} == '.HTTPTEST_AUTH_KERBEROS.')',
 									_('Username')
 								],
 	'http_password' =>			[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,
 									'(isset({add}) || isset({update})) && isset({http_authtype})'.
 										' && ({http_authtype} == '.HTTPTEST_AUTH_BASIC.
-											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.')',
+											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.
+											' || {http_authtype} == '.HTTPTEST_AUTH_KERBEROS.')',
 									_('Password')
 								],
 	// actions
diff --git a/frontends/php/httpconf.php b/frontends/php/httpconf.php
index 88752b7902..33e929cbf6 100644
--- a/frontends/php/httpconf.php
+++ b/frontends/php/httpconf.php
@@ -51,11 +51,17 @@ $fields = [
 	],
 	'pairs'           => [T_ZBX_STR, O_OPT, P_NO_TRIM,  null,                    null],
 	'steps'           => [T_ZBX_STR, O_OPT, P_NO_TRIM,  null,                    'isset({add}) || isset({update})', _('Steps')],
-	'authentication'  => [T_ZBX_INT, O_OPT, null,  IN('0,1,2'),             'isset({add}) || isset({update})'],
+	'authentication'  => [T_ZBX_INT, O_OPT, null,  IN('0,1,2,3'),           'isset({add}) || isset({update})'],
 	'http_user'       => [T_ZBX_STR, O_OPT, null,  NOT_EMPTY,               '(isset({add}) || isset({update})) && isset({authentication}) && ({authentication} == '.HTTPTEST_AUTH_BASIC.
-		' || {authentication} == '.HTTPTEST_AUTH_NTLM.')', _('User')],
+			' || {authentication}=='.HTTPTEST_AUTH_NTLM.' || {authentication}=='.HTTPTEST_AUTH_KERBEROS.
+		')',
+		_('User')
+	],
 	'http_password'		=> [T_ZBX_STR, O_OPT, P_NO_TRIM,	NOT_EMPTY,		'(isset({add}) || isset({update})) && isset({authentication}) && ({authentication} == '.HTTPTEST_AUTH_BASIC.
-		' || {authentication} == '.HTTPTEST_AUTH_NTLM.')', _('Password')],
+			' || {authentication}=='.HTTPTEST_AUTH_NTLM.' || {authentication}=='.HTTPTEST_AUTH_KERBEROS.
+		')',
+		_('Password')
+	],
 	'http_proxy'		=> [T_ZBX_STR, O_OPT, null,	null,				'isset({add}) || isset({update})'],
 	'new_application'	=> [T_ZBX_STR, O_OPT, null,	null,				null],
 	'hostname'			=> [T_ZBX_STR, O_OPT, null,	null,				null],
diff --git a/frontends/php/include/classes/api/services/CHttpTest.php b/frontends/php/include/classes/api/services/CHttpTest.php
index d843f7350b..78d92a7b18 100644
--- a/frontends/php/include/classes/api/services/CHttpTest.php
+++ b/frontends/php/include/classes/api/services/CHttpTest.php
@@ -287,7 +287,7 @@ class CHttpTest extends CApiService {
 				'value' =>				['type' => API_STRING_UTF8, 'flags' => API_REQUIRED | API_NOT_EMPTY, 'length' => DB::getFieldLength('httptest_field', 'value')]
 			]],
 			'status' =>				['type' => API_INT32, 'in' => implode(',', [HTTPTEST_STATUS_ACTIVE, HTTPTEST_STATUS_DISABLED])],
-			'authentication' =>		['type' => API_INT32, 'in' => implode(',', [HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM])],
+			'authentication' =>		['type' => API_INT32, 'in' => implode(',', [HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM, HTTPTEST_AUTH_KERBEROS])],
 			'http_user' =>			['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('httptest', 'http_user')],
 			'http_password' =>		['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('httptest', 'http_password')],
 			'verify_peer' =>		['type' => API_INT32, 'in' => implode(',', [HTTPTEST_VERIFY_PEER_OFF, HTTPTEST_VERIFY_PEER_ON])],
@@ -382,7 +382,7 @@ class CHttpTest extends CApiService {
 				'value' =>				['type' => API_STRING_UTF8, 'flags' => API_REQUIRED | API_NOT_EMPTY, 'length' => DB::getFieldLength('httptest_field', 'value')]
 			]],
 			'status' =>				['type' => API_INT32, 'in' => implode(',', [HTTPTEST_STATUS_ACTIVE, HTTPTEST_STATUS_DISABLED])],
-			'authentication' =>		['type' => API_INT32, 'in' => implode(',', [HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM])],
+			'authentication' =>		['type' => API_INT32, 'in' => implode(',', [HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM, HTTPTEST_AUTH_KERBEROS])],
 			'http_user' =>			['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('httptest', 'http_user')],
 			'http_password' =>		['type' => API_STRING_UTF8, 'length' => DB::getFieldLength('httptest', 'http_password')],
 			'verify_peer' =>		['type' => API_INT32, 'in' => implode(',', [HTTPTEST_VERIFY_PEER_OFF, HTTPTEST_VERIFY_PEER_ON])],
diff --git a/frontends/php/include/classes/api/services/CItemGeneral.php b/frontends/php/include/classes/api/services/CItemGeneral.php
index 5d77019a1f..b19859f82d 100644
--- a/frontends/php/include/classes/api/services/CItemGeneral.php
+++ b/frontends/php/include/classes/api/services/CItemGeneral.php
@@ -1985,14 +1985,17 @@ abstract class CItemGeneral extends CApiService {
 			],
 			'authtype' => [
 				'type' => API_INT32,
-				'in' => implode(',', [HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM])
+				'in' => implode(',', [
+					HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM, HTTPTEST_AUTH_KERBEROS
+				])
 			]
 		];
 
 		$data = $item + $db_item;
 
 		if (array_key_exists('authtype', $data)
-				&& ($data['authtype'] == HTTPTEST_AUTH_BASIC || $data['authtype'] == HTTPTEST_AUTH_NTLM)) {
+				&& ($data['authtype'] == HTTPTEST_AUTH_BASIC || $data['authtype'] == HTTPTEST_AUTH_NTLM
+					|| $data['authtype'] == HTTPTEST_AUTH_KERBEROS)) {
 			$rules += [
 				'username' => [
 					'type' => API_STRING_UTF8, 'flags' => API_REQUIRED | API_NOT_EMPTY,
diff --git a/frontends/php/include/defines.inc.php b/frontends/php/include/defines.inc.php
index 1bcdd629d9..83a503d092 100644
--- a/frontends/php/include/defines.inc.php
+++ b/frontends/php/include/defines.inc.php
@@ -841,9 +841,10 @@ define('PARAM_TYPE_COUNTS',		1);
 define('ZBX_DEFAULT_AGENT', 'Zabbix');
 define('ZBX_AGENT_OTHER', -1);
 
-define('HTTPTEST_AUTH_NONE',	0);
-define('HTTPTEST_AUTH_BASIC',	1);
-define('HTTPTEST_AUTH_NTLM',	2);
+define('HTTPTEST_AUTH_NONE',        0);
+define('HTTPTEST_AUTH_BASIC',       1);
+define('HTTPTEST_AUTH_NTLM',        2);
+define('HTTPTEST_AUTH_KERBEROS',    3);
 
 define('HTTPTEST_STATUS_ACTIVE',	0);
 define('HTTPTEST_STATUS_DISABLED',	1);
diff --git a/frontends/php/include/httptest.inc.php b/frontends/php/include/httptest.inc.php
index eb1c1bae76..9403a72a35 100644
--- a/frontends/php/include/httptest.inc.php
+++ b/frontends/php/include/httptest.inc.php
@@ -26,7 +26,8 @@ function httptest_authentications($type = null) {
 	$authentication_types = [
 		HTTPTEST_AUTH_NONE => _('None'),
 		HTTPTEST_AUTH_BASIC => _('Basic'),
-		HTTPTEST_AUTH_NTLM => _('NTLM')
+		HTTPTEST_AUTH_NTLM => _('NTLM'),
+		HTTPTEST_AUTH_KERBEROS => _('Kerberos')
 	];
 
 	if (is_null($type)) {
diff --git a/frontends/php/include/views/configuration.host.discovery.edit.php b/frontends/php/include/views/configuration.host.discovery.edit.php
index 62b0200455..5a72b96d75 100644
--- a/frontends/php/include/views/configuration.host.discovery.edit.php
+++ b/frontends/php/include/views/configuration.host.discovery.edit.php
@@ -283,7 +283,8 @@ $itemFormList->addRow(
 		(new CComboBox($data['limited'] ? '' : 'http_authtype', $data['http_authtype'], null, [
 			HTTPTEST_AUTH_NONE => _('None'),
 			HTTPTEST_AUTH_BASIC => _('Basic'),
-			HTTPTEST_AUTH_NTLM => _('NTLM')
+			HTTPTEST_AUTH_NTLM => _('NTLM'),
+			HTTPTEST_AUTH_KERBEROS => _('Kerberos')
 		]))->setEnabled(!$data['limited'])
 	],
 	'http_authtype_row'
diff --git a/frontends/php/include/views/configuration.item.edit.php b/frontends/php/include/views/configuration.item.edit.php
index cebe5a9573..8e1a889f93 100644
--- a/frontends/php/include/views/configuration.item.edit.php
+++ b/frontends/php/include/views/configuration.item.edit.php
@@ -324,7 +324,8 @@ $itemFormList->addRow(
 		(new CComboBox($readonly ? '' : 'http_authtype', $data['http_authtype'], null, [
 			HTTPTEST_AUTH_NONE => _('None'),
 			HTTPTEST_AUTH_BASIC => _('Basic'),
-			HTTPTEST_AUTH_NTLM => _('NTLM')
+			HTTPTEST_AUTH_NTLM => _('NTLM'),
+			HTTPTEST_AUTH_KERBEROS => _('Kerberos')
 		]))->setEnabled(!$readonly)
 	],
 	'http_authtype_row'
diff --git a/frontends/php/include/views/configuration.item.prototype.edit.php b/frontends/php/include/views/configuration.item.prototype.edit.php
index c02b156157..3e6018f2a0 100644
--- a/frontends/php/include/views/configuration.item.prototype.edit.php
+++ b/frontends/php/include/views/configuration.item.prototype.edit.php
@@ -312,7 +312,8 @@ $itemFormList->addRow(
 		(new CComboBox($readonly ? '' : 'http_authtype', $data['http_authtype'], null, [
 			HTTPTEST_AUTH_NONE => _('None'),
 			HTTPTEST_AUTH_BASIC => _('Basic'),
-			HTTPTEST_AUTH_NTLM => _('NTLM')
+			HTTPTEST_AUTH_NTLM => _('NTLM'),
+			HTTPTEST_AUTH_KERBEROS => _('Kerberos')
 		]))->setEnabled(!$readonly)
 	],
 	'http_authtype_row'
diff --git a/frontends/php/include/views/js/common.item.edit.js.php b/frontends/php/include/views/js/common.item.edit.js.php
index 6360b44edb..15c3bdbcf9 100644
--- a/frontends/php/include/views/js/common.item.edit.js.php
+++ b/frontends/php/include/views/js/common.item.edit.js.php
@@ -390,7 +390,8 @@ zbx_subarray_push($this->data['authTypeVisibility'], ITEM_AUTHTYPE_PUBLICKEY, 'r
 		if (jQuery('#http_authtype').length) {
 			new CViewSwitcher('http_authtype', 'change', <?= zbx_jsvalue([
 				HTTPTEST_AUTH_BASIC => ['http_username_row', 'http_password_row'],
-				HTTPTEST_AUTH_NTLM => ['http_username_row', 'http_password_row']
+				HTTPTEST_AUTH_NTLM => ['http_username_row', 'http_password_row'],
+				HTTPTEST_AUTH_KERBEROS => ['http_username_row', 'http_password_row']
 			], true) ?>);
 		}
 		<?php
diff --git a/frontends/php/items.php b/frontends/php/items.php
index 737f54046c..9ceb12eab4 100644
--- a/frontends/php/items.php
+++ b/frontends/php/items.php
@@ -174,19 +174,23 @@ $fields = [
 									null
 								],
 	'http_authtype' =>			[T_ZBX_INT, O_OPT, null,
-									IN([HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM]),
+									IN([HTTPTEST_AUTH_NONE, HTTPTEST_AUTH_BASIC, HTTPTEST_AUTH_NTLM,
+										HTTPTEST_AUTH_KERBEROS
+									]),
 									null
 								],
 	'http_username' =>			[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,
 									'(isset({add}) || isset({update})) && isset({http_authtype})'.
 										' && ({http_authtype} == '.HTTPTEST_AUTH_BASIC.
-											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.')',
+											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.
+											' || {http_authtype} == '.HTTPTEST_AUTH_KERBEROS.')',
 									_('Username')
 								],
 	'http_password' =>			[T_ZBX_STR, O_OPT, null,	NOT_EMPTY,
 									'(isset({add}) || isset({update})) && isset({http_authtype})'.
 										' && ({http_authtype} == '.HTTPTEST_AUTH_BASIC.
-											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.')',
+											' || {http_authtype} == '.HTTPTEST_AUTH_NTLM.
+											' || {http_authtype} == '.HTTPTEST_AUTH_KERBEROS.')',
 									_('Password')
 								],
 	// actions
diff --git a/include/common.h b/include/common.h
index fb608d9366..ccd3dd9141 100644
--- a/include/common.h
+++ b/include/common.h
@@ -900,7 +900,8 @@ typedef enum
 {
 	HTTPTEST_AUTH_NONE = 0,
 	HTTPTEST_AUTH_BASIC,
-	HTTPTEST_AUTH_NTLM
+	HTTPTEST_AUTH_NTLM,
+	HTTPTEST_AUTH_NEGOTIATE
 }
 zbx_httptest_auth_t;
 
diff --git a/src/libs/zbxhttp/http.c b/src/libs/zbxhttp/http.c
index d9bda84ead..b44fe69b6c 100644
--- a/src/libs/zbxhttp/http.c
+++ b/src/libs/zbxhttp/http.c
@@ -149,6 +149,15 @@ int	zbx_http_prepare_auth(CURL *easyhandle, unsigned char authtype, const char *
 			case HTTPTEST_AUTH_NTLM:
 				curlauth = CURLAUTH_NTLM;
 				break;
+			case HTTPTEST_AUTH_NEGOTIATE:
+#if LIBCURL_VERSION_NUM >= 0x072600
+				curlauth = CURLAUTH_NEGOTIATE;
+				break;
+#else
+				*error = zbx_strdup(*error, "Cannot set HTTP server authentication method to"
+						" negotiate: cURL library support >= 7.38.0 is required");
+				return FAIL;
+#endif
 			default:
 				THIS_SHOULD_NEVER_HAPPEN;
 				break;